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— The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 Responsive to communication(s) filed on 13 May 2004 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3)D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

A)M Claim(s) 1-38 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) H Claim(s) 1^38 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) Ex] The drawing(s) filed on 03 June 2004 is/are: a)M accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 185(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) 13 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)E3 All b)D Some * c)D None of: 

1 M Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1 -38 have been examined. Claims 1, 5, 7, 20, 21, 24, 25, 26, 28, 31 and 
33 have been amended in the amendment filed on May 13, 2004. 

Drawings 

2. The drawings were received on June 3, 2004. These drawings are acceptable. 

Response to Amendment 

3. The objections to the drawings are withdrawn as the new drawings overcome the 
objections. 

4. The objection to the specification is withdrawn as the amendment to the 
specification overcomes the objection. 

5. The objection to claim 31 is withdrawn, as the objection was pointed to errors 
found in claim 32. 

6. The objection to claim 32 is withdrawn as the amendment to the claim 
overcomes the objection. 
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7. The rejection to claim 28 under 35 U.S.C. 112, 2 nd paragraph is withdrawn as the 
amendment to the claim overcomes the rejection. 

Response to Arguments 

8. The following is a response to the arguments presented by the applicant on 
pages 16-20 in the amendment filed on May 13, 2004 and during the interview 
conducted on March 30, 2004. 

9. Applicant's argument, with respect to the objection to claim 9 has been fully 
considered and is persuasive. The objection to claim 9 has been withdrawn. 

10. Applicant's arguments, with respect to the 35 U.S.C. 112, second paragraph 
rejections to claims 5, 7, 13, 20, 21, 24-26, 28, and 33 have been fully considered and 
are persuasive. The 112, second paragraph rejections to these claims have been 
withdrawn. 

1 1 . Applicant's arguments with respect the 35 U.S.C. 103 rejections to amended 
claims 1-38 have been considered but are moot in view of the new ground(s) of 
rejection. 

Claim Rejections - 35 USC §112 

12. The following is a quotation of the second paragraph of 35 U.S.C. 112: 
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The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

13. Claims 1, 5, 7, 20, 21, 24, 25, 26, 28 and 33 are rejected under 35 U.S.C. 112, 

second paragraph, as being incomplete for omitting essential steps, such omission 

amounting to a gap between the steps. See MPEP § 2172.01. The claims define the 

limitation of a center holding a function generation value s but do not define a step 

wherein the value s is provided to the means for creating a value generation unique 

value u from s and d. Also, the claims define the limitation of a user receiving the 

unique value u but do not define a step wherein the value u is provided to the means for 

creating a one-way function value X(M) from u and M. 



Claim Rejections - 35 USC § 103 

14. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

15. Claims 1,2, 5-10 and 19-20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Zhang U.S. Patent No. 6,154,541 (hereinafter Zhang) in view of 
Walker et al. U.S. Patent No. 5,768,382 (hereinafter Walker) and Wolfgang et al. U.S. 
Patent No. 6,625,295 (hereinafter Wolfgang). As per claim 1, Zhang covers a method 
for generating a one-way-function value by applying a one-way-function to a plurality of 
seed values to create a hash value. These seed values and the resulting hash value 
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cover the values u, M, and X(M) as defined by applicant's claim 1 (see Zhang, col. 22, 
lines 37-46). Although Zhang does not explicitly define combining a unique value d and 
a unique value s to create the unique value u, Zhang does teach strategies of 
combining a plurality of parameters to generate new parameters using the following 
methods as disclosed in col. 21 , line 65-col. 22, line 36 to ensure a more secure key 
generation methodology: 

a. Segmented sequences 

b. Reassembling of fragmented/fractured numbers 

c. Multi-seeding 

d. Reseeding 

e. Any combinations of the above 4 

Hence, it would be obvious to one of ordinary skill in the art at the time the invention 
was made to create a unique value u from the values s and d. Motivation for such a 
combination would hinder disclosure of the generated keys by attempts to 
surreptitiously analyze the key generator as taught by Zhang. Further, the unique value 
u is provided to a user creating the one-way function value X(M). 

Finally, Zhang does not expressly disclose the unique value s to be held by a 
center; however, trusted third parties are institutions that provide certified values, and 
certified values are used to seed a key. For example, Walker discloses distribution of 
timestamps by trusted third parties and Wolfgang teaches using a timestamp as a seed 
value. See Walker, col. 28, lines 11-15; see Wolfgang, col. 7, lines 49-52. It would be 
obvious to one of ordinary skill in the art at the time the invention was made for the 
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unique value s (the seed) to be held by a center. Motivation for such an implementation 
would enable a key to be dependent on a certified seed value and as such, enable third 
party authentication means of the generated key as taught by Walker and Wolfgang, 
and as known to one of ordinary skill in the art. Ibid. The aforementioned covers claim 
1. 

16. As per claim 2, Zhang covers a method as outlined above in the claim 1 rejection 
under 35 U.S.C. 103(a). In addition, Zhang discloses means wherein the value 
generation unique value u is calculated by applying a one-way function G to the function 
generation unique value s and the unique value d (see Zhang, col. 22, lines 31-36). 

17. As per claims 5 and 6, Zhang covers a device for generating one-way function 
values that calculates a one-way function X dependent on a unique value d as outlined 
above in the claim 2 rejection under 35 U.S.C. 103(a). In addition, Zhang teaches that 
the steps defined above can be implemented in a smart card (see Zhang, col. 6, line 27; 
col. 13, line 3). The aforementioned cover claims 5 and 6. 

1 8. As per claims 7-9, Zhang covers a proving device for performing processing 
based on a private key dependent on a message M (see col. 6, lines 19-40, especially 
line 25) as outlined above in the claim 6 rejection under 35 U.S.C. 103(a). In addition, 
the device covers means for performing processing based on the private key X(M) (see 
Zhang, Figure 2, 'Crypt Unit B\ and related text). The aforementioned cover claims 7-9. 
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19. As per claim 10, Zhang covers a proving device as outlined above in the claim 7 
rejection under 35 U.S.C. 103(a). Zhang does not expressly disclose that the proving 
device is configured as a module inside a CPU of the device. Examiner takes Official 
Notice that proving devices, especially those using private keys in a cryptosystem, are 
conventionally configured as a module inside a CPU of a device. It would be obvious to 
one of ordinary skill in the art at the time the invention was made to configure the 
proving device as a module inside a CPU of the device. Motivation for such an 
implementation enables the proving device to be implemented using a processor. 

20. As per claim 1 9, Zhang covers a proving device as outlined above in the claim 7 
rejection under 35 U.S.C. 103(a). In addition, Zhang teaches that parameters defined 
by the method can be specified as variables controlling both the system and the keys 
generated (see Zhang, col. 16, lines 44-45). 

21 . As per claim 20, it is an apparatus claim corresponding to claim 1 9 and it does 
not teach or define above the information claimed in claim 19. Therefore, claim 20 is 
rejected under Zhang in view of Walker and Wolfgang for the same reasons set forth in 
the rejections of claim 19. 

22. Claims 18, 21-30, and 33 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Zhang in view of Walker and Wolfgang, and further in view of 
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Stallings Cryptography and Network Security 2 nd Edition (hereinafter Stallings). As per 
claim 18, Zhang covers a proving device as outlined above in the claim 7 rejection 
under 35 U.S.C. 103(a). Zhang is silent on the message M including use conditions of 
the message by the method. However, use conditions specified by a controlling 
message have been implemented in the analogous art of certificates. In particular, 
X.509 certificates define use conditions in the extensions to the standard parameters on 
the information established in the certificate (see Stallings, page 348, bullet 'Key 
usage'). As such, use conditions specifying the policies under which the values can be 
used or processed would be obvious to one of ordinary skill in the art at the time the 
invention was made. Motivation for such an implementation would enable a flexible 
means to distribute a plurality of types of messages and ensure that values distributed 
are properly processed or used. 

23. As per claim 21 , Zhang covers a proving device as outlined above in the claim 1 8 
rejection under 35 U.S.C. 103(a). Furthermore, the invention disclosed by Zhang is 
identified as being applicable to authentication schemes (see Zhang, col. 6, lines 19- 
40), which embodiments invariable cover certification authentication schemes. As 
taught by Stallings, certification authentication using public key encryption as listed in 
claim 21 is a close variant of a well-known authentication method (see Stallings, page 
186, Public-key Certificates'). Hence, it would be obvious to one of ordinary skill in the 
art at the time the invention was made to implement the device disclosed by Zhang as 
an authentication scheme by which the device is a right issuer by means of establishing 
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and issuing certificates to right recipients as taught by Stallings. Motivation for such an 
implementation would enable an authentication device based on standard certificate 
authentication means. 

24. As per claims 22 and 23, Zhang covers an authentication method as outlined 
above in the claim 21 rejection under 35 U.S.C. 103(a). In addition, an identifier aid 
indicating an authentication type and use conditions are included in the certification (see 
Stallings, Figure 11.3, 'Signature'; page 348, 'Key and Policy Information'). 

25. As per claims 24 and 25, they are apparatus claims corresponding to claim 21 
and they do not teach or define above the information claimed in claim 21 . Therefore, 
claims 24 and 25 are rejected under Zhang in view of Walker, Wolfgang and Stallings 
for the same reasons set forth in the rejection of claim 21 . 

26. As per claims 26 and 27, Zhang covers an authentication method as outlined 
above in the claim 22 rejection under 35 U.S.C. 103(a). In addition, the access ticket 
specified in the applicant's claims 26 and 27 is equivalent to the issued certificate 
generated by the right issuer and issued to the right recipient whereupon the rights of 
the right recipient is verified by means of the certificate as claimed in claim 22. Hence, 
claims 26 and 27 are covered by the invention covered by Zhang, Walker and 
Wolfgang, and modified by Stallings. 
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27. As per claim 28, it is an apparatus claim corresponding to claim 26 and it does 
not teach or define above the information claimed in claim 26. Therefore, claim 28 is 
rejected under Zhang in view of Walker, Wolfgang and Stallings for the same reasons 
set forth in the rejection of claim 26. 

28. As per claims 29 and 30, Zhang covers an access ticket issuing device as 
outlined in the claim 28 rejection under 35 U.S.C. 103(a). Zhang does not expressly 
disclose the access ticket being calculated as a difference between the private key x 
and the generated private key X(M) nor as a quotient x/X(M). However, as known in the 
art, the difference or quotient of two values are typical mathematical operations to divine 
the equality of the two values: the difference of two equal values is zero whereas the 
quotient of two equal, nonzero values is one. It would be obvious to one of ordinary skill 
in the art at the time the invention was made to calculate the access ticket as being 
calculated as the difference or quotient of the values x and X(M). Motivation for such an 
implementation allows for a simple calculation to determine if a generated value is 
equivalent to a stored or received value. The aforementioned cover claims 29 and 30. 

29. As per claim 33, it is an apparatus claim corresponding to claim 26 and it does 
not teach or define above the information claimed in claim 26. Therefore, claim 33 is 
rejected under Zhang in view of Walker, Wolfgang and Stallings for the same reasons 
set forth in the rejection of claim 26. 
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30. Claims 3, 4, and 11-17 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Zhang in view of Walker and Wolfgang, and further in view of 
Schneier Applied Cryptography 2 nd Edition (hereinafter Schneier). As per claim 3, 
Zhang covers a method as outlined above in the claim 1 rejection under 35 U.S.C. 
103(a). In addition, Zhang discloses scrambling s and d to create value u (see Zhang, 
col. 22, lines 31-36), but Zhang does not expressly disclose an encryption function with 
a symmetric key as the scrambling operation. However as taught by Schneier, 
scrambling techniques, such as diffusion and confusion, are commonly executed by 
symmetric encryption algorithms (see Schneier, page 237, 'Confusion and Diffusion'; 
pages 270-278, Section 12.2 'Description of DES\ especially 'Expansion Permutation' 
and 'S-Box Substitution'). It would be obvious to one of ordinary skill in the art at the 
time the invention was made to apply the teaching of Schneier to the method of Zhang. 
Motivation for such an implementation would utilize a standard encryption scheme to 
scramble s and d to create u. 

31 . As per claim 4, Zhang covers a method as outlined above in the claim 1 rejection 
under 35 U.S.C. 103(a). Zhang does not expressly disclose calculating X(M) by 
applying both the one-way function H and an encryption function D of a symmetric key 
to the values u and M. However, as known in the art, encryption steps using symmetric 
keys are efficient means to hide sensitive values (see Schneier, page 4, 'Symmetric 
Algorithms'). It would be obvious to one of ordinary skill in the art at the time the 
invention was made to apply the teaching of Schneier to the invention covered by 
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Zhang. Motivation for such an implementation would ensure that the processed value is 
secured. 

32. As per claims 11-17, Zhang covers a proving device as outlined above in the 
claim 7 rejection under 35 U.S.C. 103(a). In addition, the processing steps by the 
proving device as listed in dependent claims 11-17 are generic implementations of well- 
established cryptosystems as taught by Schneier. In summary, claims 1 1 and 12 are 
processing means to implement any type of verification scheme using a challenge 
variable such as a DSA signature algorithm (see Schneier, pages 486-487, 'Description 
of DSA', where H(m) is the challenge variable); claims 13-14 are processing means to 
implement authentication schemes having commitment values such as the Schnorr 
authentication (see Schneier, page 511, 'Authentication Protocol', where x is the 
commitment); claims 15 and 17, read on encryption schemes using multiplication, 
power operations, and modular arithmetic, including DSA signature and Schnorr 
authentication schemes as listed earlier; and finally, claim 16 reads on operations using 
elliptic curve cryptosystems (see Schneier, page 480, Section 19.8). It would be 
obvious to one of ordinary skill in the art at the time the invention was made to perform 
the processing based on standard cryptosystems. Motivation for such implementations 
ensures that the proving device is derived from proven cryptosystems. 

33. Claims 31-32 and 34-38 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Zhang in view of Walker, Wolfgang, Schneier, and Stallings. As per 
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claims 31 and 32, Zhang covers an access ticket issuing device as outlined above in the 
claim 28 rejection under 35 U.S.C. 103(a). Although Zhang does not expressly disclose 
combining two values as defined in claims 31 and 32, this type of operation on two 
variables is typical especially when the two values are of differing sizes. An example of 
this strategy is found in DES. A plaintext p is broken into 64-bit segments (p1 , p2, ... , 
pn) and each segment is operated on by a 56 bit key k (see Schneier, pages 270-278, 
Section 12.2, 'Description of DBS'). Furthermore, the resulting value has a standard 
size corresponding to the number of segments and the processed segment length, 
which is essential so that resulting values can be reconfigured into alternative but 
consistent formats. It would be obvious to one of ordinary skill in the art at the time the 
invention was made to combine two values by segmenting one value and applying each 
segmented value to the other value. Motivation for such an implementation enables two 
different formatted values to be combined where each part of the resulting value is 
dependent on both of the two values. 

34. As per claims 34-38, Zhang covers an authentication device as outlined above in 
the claim 33 rejection under 35 U.S.C. 103(a). Although Zhang does not expressly 
disclose using the access ticket to update values used in authentication, these steps are 
obvious implementations for the following reasons: an access ticket expressed as a 
difference or a quotient of private key x and value X(M) are obvious constructions to 
show equality/inequality of two values as argued above in the claim 29 and 30 
rejections, and further, the updates in claims 34-38 are obvious means to communicate 
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the resulting discrepancy between x and X(M) to an authenticates in the authentication 
schemes as summarized by Schneier and listed above. As defined in the applicant's 
Specification (see expressions 65, 67, and 69 on page 48), the update procedure is 
defined by applying the following types of operations: z = z + z*(x - X(M)), z = 
z A (x/X(M)) T or z = z/(x/X(M)), wherein the z variable is a challenge or response value 
defined in a step of a conventional authentication scheme. In these cases, z remains 
the same if x == X(M), and is updated to a different value if x!= X(M). Furthermore, as 
taught by Stallings, challenge or response approaches used in authentication methods 
typically comprise steps of submitting a value by a sender wherein the receiver is 
required to return the same value back to the sender (see Stallings, page 304, bullet 
'Challenge/response'). Hence, the steps of claims 34-38 are simple variations of this 
theme. It would be obvious to one of ordinary skill in the art at the time the invention 
was made to update challenge or response values in step(s) of implemented 
authentication schemes to determine if a generated value is equivalent to a stored or 
received value and thus determine authentication. Motivation for such an 
implementation would use simple update functions to determine if authentication has 
succeeded or failed. The aforementioned cover claims 34-38. 

Conclusion 

35. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
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§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Telephone Inquiry Contacts 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jung W Kim whose telephone number is (703) 305- 
8289. The examiner can normally be reached on M-F 9:00-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (703) 305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free), f / 




Jung W Kim 
Examiner 
Art Unit 21 32 
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August 6, 2004 
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